-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2855-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk December 27, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : monit Version : 1:5.20.0-6+deb9u2 CVE ID : CVE-2019-11454 CVE-2019-11455 Debian Bug : 927775 Two vulnerabilities were fixed in monit, a utility for monitoring and managing Unix systems. CVE-2019-11454 Persistent cross-site scripting in http/cervlet.c CVE-2019-11455 Buffer over-read in Util_urlDecode in util.c For Debian 9 stretch, these problems have been fixed in version 1:5.20.0-6+deb9u2. We recommend that you upgrade your monit packages. For the detailed security status of monit please refer to its security tracker page at: https://security-tracker.debian.org/tracker/monit Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmHKEYQACgkQiNJCh6LY mLHZRA/8CeDnL7MklFtIaYe/gle1v3d+uepa8qflBP+ev7/uKu6I6yo6k6oYBfiZ rICvlwJvxBhQl0svaCEzdKzB3tOq/9TYfY8pbGFsmkUjJ7uNVtEAUPjV/EQjQRyf 050PjNNTTzLaGih1/JOE/EpZIUYr3dcGoDgPtOzZvG8FUPz5PkpxOX24yqg1LP5l cJHCJLiI5MPgpyqNKRrJrtEbcY7Dwgp44UGhRblWAVD27IEitMIRlVfQIcjr09zG zf5eGaXf5Pyjn6NE04RaHkyZhoW37w4o09AND4pU2phcnaTuCkm1c9KntYbRGgEd HYOGml1uaJxJ/qxiqrdpCEUQcdfGPcwuySSHDsiOTpJ+NKUQcpCuzY8YYUvBpciG x1JAdYoi0Slxo3lNxUdIf8Htnfn+lF0OryyNOZi6i8ijX4XKzJ+cEtMsCxQ0qXcJ sIMrzN4GH0k8tWI6s/pxqgTQfzPC8FRYG/nidhUOkJl8L7T1urPfvJVir4KVeuBA 9G5d9rtHPXS2d6sEmL6MtRX06Cz7R915ujR0VlUAaHPVvOdYGBcMKH/CXZwtSk1n aEzs2ClHmvDTLP8yrJxIxMT4fbhVLKnv/4ehBWBAE84qIhTuZwNordhn2aa4tajZ DTd6sH6B15n3FHZnZxr109BVGco5+dHcVTtx8xRGOagUvVOtUMY= =x7Im -----END PGP SIGNATURE-----